I've just been thinking, what would be the best practices for firmware on networking.
I personally believe that you should try and stay at least 3 or so releases behind.
Some Fortinet releases have a tendency to break things, as they like to roll out bleeding edge features. (Not Trying to bag them)
If there is a major bug in a release that brings down production, of course, the mandatory testing should've picked that up.
You keep up with the latest features but not running the bleeding edge.
Just common sense to not run the latest
I am interested to know how everyone else approaches it.